It depends on what you mean by them getting confused.
Other than a single device to manage, along with the
support issues that you've brought up, I don't believe
there are many other advantages to having them on the
same box. Security issues that arise from having them
separate is just that you would have to poke holes
through your firewall to allow the VPN connections to
be established (if you're firewalling that traffic to
begin with.) Nothing terribly major as long as strong
password policies are in place, or the use of a SecureID
or something similar. Regular auditing of established
connections/attempts is something I would highly
recommend that is often ignored.
That's my opinion at least.
-Russell
Joe Norton wrote:
> This message brings up a subject I could use some input on. Here we have
> a seperate VPN and firewall setup, and they get confused. Does a straight
> firewall that supports VPN work any better? Are there disadvantages to
> having it all on one box? I can imagine it being cheaper and easier to
> support, but are there any security or managment issues that might make it a
> bad idea?
|